Arbitrary Tenant Injection Vulnerability in OpenStack Glance API

Arbitrary Tenant Injection Vulnerability in OpenStack Glance API

CVE-2013-4354 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image.

Learn more about our Api Penetration Testing.